feat(dbus): improve dbus introspectable rules.

This commit is contained in:
Alexandre Pujol 2023-09-15 18:14:39 +01:00
parent 2d2693bd99
commit f7d1931bdf
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
37 changed files with 51 additions and 69 deletions

View File

@ -34,7 +34,7 @@ profile ibus-daemon @{exec_path} flags=(attach_disconnected) {
member=ListMountableInfo
peer=(name=:*, label=gvfsd),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -19,7 +19,7 @@ profile ibus-dconf @{exec_path} flags=(attach_disconnected) {
unix (send, receive, connect) type=stream peer=(addr="@/home/*/.cache/ibus/dbus-????????", label=ibus-daemon),
unix (send, receive, connect) type=stream peer=(addr="@/var/lib/gdm{3,}/.cache/ibus/dbus-????????", label=ibus-daemon),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -57,7 +57,7 @@ profile ibus-extension-gtk3 @{exec_path} flags=(attach_disconnected) {
member=Embed
peer=(name=org.a11y.atspi.Registry), # all peer's labels
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -19,7 +19,7 @@ profile ibus-portal @{exec_path} flags=(attach_disconnected) {
member={RequestName,ReleaseName}
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
dbus receive bus=session path=/{,org}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -73,7 +73,7 @@ profile at-spi2-registryd @{exec_path} flags=(attach_disconnected) {
member=GetAddress
peer=(name=org.a11y.Bus, label=at-spi-bus-launcher),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -29,7 +29,7 @@ profile dconf-service @{exec_path} flags=(attach_disconnected) {
member=Change
peer=(name=:*), # all peer's labels
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -38,7 +38,7 @@ profile pipewire @{exec_path} flags=(attach_disconnected) {
member=Get
peer=(name=org.freedesktop.RealtimeKit[0-9]),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -31,7 +31,7 @@ profile pipewire-media-session @{exec_path} {
member=MakeThreadRealtime
peer=(name=org.freedesktop.RealtimeKit1),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -75,7 +75,8 @@ profile pulseaudio @{exec_path} {
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect,
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus bind bus=session
name=org.freedesktop.ReserveDevice[0-9].Audio[0-9],

View File

@ -97,7 +97,7 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) {
member=Lookup
peer=(name=:*, label=xdg-permission-store),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -117,7 +117,7 @@ profile xdg-desktop-portal-gnome @{exec_path} {
member=Read
peer=(name=:*, label=xdg-desktop-portal),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -21,12 +21,9 @@ profile evolution-source-registry @{exec_path} {
network inet6 dgram,
network netlink raw,
dbus (receive) bus=session path=/org/gnome/evolution/dataserver{,/**}
interface=org.freedesktop.DBus.Introspectable
peer=(name=:*, label=gnome-shell),
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/org/gnome/evolution/dataserver/SourceManager

View File

@ -31,7 +31,7 @@ profile gdm-wayland-session @{exec_path} {
member=Get
peer=(name=org.freedesktop.systemd[0-9]*, label=unconfined),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -41,12 +41,7 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
member=GetAll
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/org/freedesktop/Notifications
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/org/freedesktop
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),
@ -68,11 +63,6 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
interface=org.freedesktop.DBus.Properties
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/{,org}
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus bind bus=session name=org.gnome.ScreenSaver,
dbus bind bus=session name=org.freedesktop.Notifications,

View File

@ -324,10 +324,10 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
member=Introspect
peer=(name=:*), # all paths and peer's labels
dbus receive bus=session path=/{,org,StatusNotifierWatcher}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell), # itself
peer=(name=:*, label=gnome-shell),
dbus (send, receive) bus=session path=/org/gnome/SettingsDaemon/Rfkill
interface=org.freedesktop.DBus.Properties

View File

@ -44,7 +44,7 @@ profile gsd-a11y-settings @{exec_path} flags=(attach_disconnected) {
member={CancelEndSession,QueryEndSession,EndSession,Stop}
peer=(name=:*, label=gnome-session-binary),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -108,7 +108,7 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
member=Embed
peer=(name=org.a11y.atspi.Registry), # all peer's labels
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -44,7 +44,7 @@ profile gsd-datetime @{exec_path} flags=(attach_disconnected) {
member={CancelEndSession,QueryEndSession,EndSession,Stop}
peer=(name=:*, label=gnome-session-binary),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -85,7 +85,7 @@ profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
member=ListMountableInfo
peer=(name=:*, label=gvfsd),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -149,7 +149,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
member=EventListenerDeregistered
peer=(name=:*, label=at-spi2-registryd),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -160,7 +160,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
member=ActiveChanged
peer=(name=:*, label=gjs-console),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -68,7 +68,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
member=RegisterClient
peer=(name=:*, label=gnome-session-binary),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -45,10 +45,10 @@ profile gsd-printer @{exec_path} flags=(attach_disconnected) {
member={EndSession,QueryEndSession,CancelEndSession,Stop}
peer=(name=:*, label=gnome-session-binary),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*),
peer=(name=:*, label=gnome-shell),
@{exec_path} mr,

View File

@ -76,7 +76,7 @@ profile gsd-rfkill @{exec_path} flags=(attach_disconnected) {
member=PropertiesChanged
peer=(name=org.freedesktop.DBus, label=gnome-shell),
dbus receive bus=session path=/{,org}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -43,7 +43,7 @@ profile gsd-screensaver-proxy @{exec_path} flags=(attach_disconnected) {
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
peer=(name=:*, label=gnome-session-binary),
dbus receive bus=session path=/{,org}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -91,7 +91,7 @@ profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
member=StopUnit
peer=(name=org.freedesktop.systemd[0-9]*), # all peer's labels
dbus receive bus=session path=/{,org}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -56,7 +56,7 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) {
member=GetAll
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -45,7 +45,7 @@ profile gsd-sound @{exec_path} flags=(attach_disconnected) {
member={CancelEndSession,QueryEndSession,EndSession,Stop}
peer=(name=:*, label=gnome-session-binary),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -75,7 +75,7 @@ profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
member=GetAll
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -52,7 +52,7 @@ profile gvfs-udisks2-volume-monitor @{exec_path} flags=(attach_disconnected) {
member={List,IsSupported}
peer=(name=:*, label="{gnome-shell,gnome-control-center,gnome-extension-ding,tracker-*,unconfined}"),
dbus receive bus=session path=/{,org,org/gtk,org/gtk/Private,org/gtk/Private/RemoteVolumeMonitor}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -35,7 +35,7 @@ profile gvfsd-trash @{exec_path} {
member=Spawned
peer=(name=:*, label=gvfsd),
dbus receive bus=session path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),

View File

@ -20,16 +20,16 @@ profile software-properties-dbus @{exec_path} {
member=RequestName
peer=(name=org.freedesktop.DBus),
dbus receive bus=system path=/
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect,
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus receive bus=system path=/
interface=com.ubuntu.SoftwareProperties
member=Reload,
dbus bind bus=system
name=com.ubuntu.SoftwareProperties,
dbus bind bus=system name=com.ubuntu.SoftwareProperties,
@{exec_path} mr,

View File

@ -20,13 +20,10 @@ profile software-properties-gtk @{exec_path} {
include <abstractions/python>
include <abstractions/wayland>
dbus (send,receive) bus=system path=/com/canonical/UbuntuAdvantage/{,**}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect,
dbus send bus=system path=/
interface=org.freedesktop.DBus.Introspectable
member=Introspect,
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus send bus=system path=/
interface=com.ubuntu.SoftwareProperties

View File

@ -19,13 +19,10 @@ profile ubuntu-advantage-desktop-daemon @{exec_path} flags=(attach_disconnected)
member=RequestName
peer=(name=org.freedesktop.DBus),
dbus receive bus=system path=/com/canonical/UbuntuAdvantage/{Manager,Services/*}
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect,
dbus receive bus=system path=/
interface=org.freedesktop.DBus.Introspectable
member=Introspect,
member=Introspect
peer=(name=:*, label=gnome-shell),
dbus receive bus=system path=/
interface=org.freedesktop.DBus.ObjectManager

View File

@ -75,8 +75,8 @@ profile thunderbird @{exec_path} {
member={UserAdded,UserRemoved}
peer=(name=:*, label=systemd-logind),
dbus receive bus=system path=/{,org{,/mozilla{,/thunderbird{,/Remote}}}}
interface==org.freedesktop.DBus.Introspectable
dbus receive bus=system
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),